Email Intelligence Identifying
Fake Accounts


The client is one of the world’s largest video gaming companies.  This client was having problems with fake accounts often created by low and slow attacks.  Accounts created as a result of these low and slow attacks were adding up to 15% of overall registered users.

The Business Problem

As one of the largest players in the gaming industry space, this client has been using Arkose products to identify and mitigate bot attacks.  Arkose products have been very effective in helping this client fight against high volume bot attacks.  However, they have identified that, in addition to high volume attacks, the fraudsters are also leveraging low and slow tactics to avoid getting detected by bot detection algorithms.  Such attempts have accounted for around 15% of registered users.  Therefore, this gaming giant needed a solution to supplement their fraud and bot mitigation efforts to mainly target low and slow attacks.  For this purpose, they tested Arkose Email Intelligence as this service is already integrated with Arkose Bot Management products and has high accuracy in determining low and slow fraud attempts.

The Arkose Labs Solution

This gaming giant decided to test Arkose Email Intelligence to mitigate fake accounts created by mainly low and slow attacks.  Arkose Email Intelligence is an offering that is integrated with other Arkose products and clients who opt in for this service pass the email address used in the session in addition to device and IP related attributes.  Arkose Email Intelligence evaluates the email address in several risk factors such as:

  • Email Formation – Syntactical errors associated with the email address
  • Gibberish Handle Detection – Whether the email handle represents gibberish and was created for abuse
  • Email Enumeration – Whether the email is an enumerated form (varying by a few digits) from an email seen previously
  • Email Tumbling – Whether the email is using an alias with an inbox same as an email seen previously
  • Handle Pattern Recognition – Whether the email handle, although new, is being created by an automated script
  • Email & Domain Velocity – Frequency at which emails & domains appear across Arkose network
  • Domain Intelligence – The risk associated with the email domain, existence, and ownership information

and any risk indicator identified is returned in the output for the client to take further action.  In addition, these risk factors can also be leveraged in challenge decision to automatically mitigate bot driven attacks.  In this exercise, the client opted in to test Arkose Email Intelligence in offline mode and therefore risk factors around the email address were not leveraged in challenge decision.

Demonstrated Results

In this offline test, the client shared 100,000 email addresses used in registration attempts.  Sample consisted of emails from both good and fraud accounts.  14,715 of the emails evaluated by Arkose Email Intelligence were identified to contain a risk factor.  Major risk factors found included risky domains (disposable or recently created) and Email Enumeration.  Based on the truth data provided by the client, we observed that Email Intelligence rules identified 45% of the fraud instances with 75% accuracy.  Moreover, combining Email Intelligence with Arkose Bot Detection results, we saw that the fraud coverage was over 90%.  These results support that leveraging Email Intelligence in conjunction with Arkose Bot Detection would help the client mitigate a high majority of the fraud attempts at a high accuracy level.

Book a Meeting

Meet with a fraud and account security expert

Request a customized demo to learn more.